[groovy-user] HTTP Builder - How to bypass invalid SSL certificates? (javax.net.ssl.SSLPeerUnverifiedException)
2,694 views
Skip to first unread message
Dave McGee
Sep 27, 2013, 5:35:14 PM9/27/13
to us...@groovy.codehaus.org
Hi guys,
Regards,
Dave
Wondering if anyone knows how to straight-out accept or bypass invalid SSL certificates with the Groovy HTTP Builder. I am working with a customer testbed but it looks like the software on the machines we're hitting has invalid SSL certificates associated with it.
I am getting the error "javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated"
Here is my code:
@Grab(group='org.codehaus.groovy.modules.http-builder', module='http-builder', version='0.5.0-RC2' )
import groovyx.net.http.*
import static groovyx.net.http.ContentType.*
import static groovyx.net.http.Method.*
def http = new HTTPBuilder("https://blocked-out-URL-for-security")
http.auth.basic "userName", "password"
http.request(Method.GET, ContentType.BINARY) {
response.success = { resp ->
println resp
}
response.failure = { resp ->
println resp
}
}
Any help appreciated! Thank you
Dave
Anthony Bargnesi
Sep 28, 2013, 9:53:04 PM9/28/13
to us...@groovy.codehaus.org
Dave,
HTTP Builder uses the Apache HttpClient java library.
Check out this stackoverflow post that shows how to set up an SSLSocketFactory
class that no-ops host verification.
Anthony Bargnesi
Kendall Shaw
Sep 29, 2013, 10:02:37 AM9/29/13
to us...@groovy.codehaus.org
I think you can also just add the
certificate to a truststore. There is still a lot about SSL that I
don't understand though.
http://stackoverflow.com/questions/373295/digital-certificate-how-to-import-cer-file-in-to-truststore-file-using
One way to get the certificate is to use firefox. Browse the URL look at the certificate in page info and export it to a file. Then import with keytool, as shown above.
Kendall
http://stackoverflow.com/questions/373295/digital-certificate-how-to-import-cer-file-in-to-truststore-file-using
One way to get the certificate is to use firefox. Browse the URL look at the certificate in page info and export it to a file. Then import with keytool, as shown above.
Kendall
-- ThisIsHardToRead, asIsThis. This_is_easier, unless_it_is_underlined. This.is.easy. This-is-easy-too. Almost as easy to read as this.
Andrew Taylor
Sep 30, 2013, 11:13:33 AM9/30/13
to us...@groovy.codehaus.org
On 9/29/2013 8:02 AM, Kendall Shaw wrote:
> I think you can also just add the certificate to a truststore. There is
> still a lot about SSL that I don't understand though.
>
> http://stackoverflow.com/questions/373295/digital-certificate-how-to-import-cer-file-in-to-truststore-file-using
>
> One way to get the certificate is to use firefox. Browse the URL look at
> the certificate in page info and export it to a file. Then import with
> keytool, as shown above.
>
> Kendall
With recent versions of Java (>= 7, I think) you can get the certificate
> I think you can also just add the certificate to a truststore. There is
> still a lot about SSL that I don't understand though.
>
> http://stackoverflow.com/questions/373295/digital-certificate-how-to-import-cer-file-in-to-truststore-file-using
>
> One way to get the certificate is to use firefox. Browse the URL look at
> the certificate in page info and export it to a file. Then import with
> keytool, as shown above.
>
> Kendall
directly with the JDK's keytool. Run it like this:
keytool -printcert -sslserver myserver:443 -rfc > mycertificate.crt
--
Andrew Taylor
Ronny Løvtangen
Sep 29, 2013, 11:18:23 AM9/29/13
to us...@groovy.codehaus.org
An alternative to HTTP-builder is to use groovy-wslite: https://github.com/jwagenleitner/groovy-wslite
The documentation includes examples for "Using a custom SSL trust store" and "Trusting all SSL certs"
Ronny
Jean-Louis Jouannic
Oct 2, 2013, 4:40:09 AM10/2/13
to us...@groovy.codehaus.org
I think you can find everything you need in the HTTPBuilder documentation
JL
2013/9/27 Dave McGee <daveo...@gmail.com>
Reply all
Reply to author
Forward
0 new messages